CVE-2004-1146 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2004-1146

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Multiple cross-site scripting (XSS) vulnerabilities in (1) main.c and (2) login.c for CVSTrac before 1.1.5 allow remote attackers to inject arbitrary HTML and web script.

Affected Software

Name	Vendor	Start Version	End Version
Cvstrac	Cvstrac	1.1 (including)	1.1 (including)
Cvstrac	Cvstrac	1.1.1 (including)	1.1.1 (including)
Cvstrac	Cvstrac	1.1.2 (including)	1.1.2 (including)
Cvstrac	Cvstrac	1.1.3 (including)	1.1.3 (including)
Cvstrac	Cvstrac	1.1.4 (including)	1.1.4 (including)

References

http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030222.html
http://marc.info/?l=bugtraq\u0026m=110332469631253\u0026w=2
http://www.cvstrac.org/cvstrac/chngview?cn=320
http://www.cvstrac.org/cvstrac/chngview?cn=321
http://www.mikx.de/index.php?p=6
http://www.securityfocus.com/bid/12017
https://exchange.xforce.ibmcloud.com/vulnerabilities/18726